<?php
// take input from delquotes.php and delete quotes that already exist

include "adminfunctions.php";
$qid = $_POST['qnum']; //original 
$cqid = $_POST['yno']; //confirm

if((!$qid) or (!preg_match("/admin\/delquotes.php/",$_SERVER['HTTP_REFERER']))){
	die("Hacking Attempt....");
}

else if($qid != $cqid){ // we didnt die above, so it must be ok....
// lets confirm that they are deleting the right quote
	die("You did not enter the same quote both times on the previous page. Please make sure you didn't make a typo and try again");
}
else {
	startsql(); // start the sql conn
	mysql_query("DELETE FROM quotes WHERE id=$qid"); // delete the quote
	echo "Deleted Quote - Bringing you back";
	echo '<meta http-equiv="refresh" content="1;url=./delquotes.php?deleted='.$qid.'">';



}
	

?>